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CHAPTER  1 


IHTRODOCTION 

This  Validation  Summary  Report  “(ifSltg  describes  the  extent  to  which  a 
specific  Ada  compiler  conforms  to  the  Ada  Standard,  ANSI/MIL-STD-1815A. 
This  report  explains  all  technical  terms  used  within  it  and  thoroughly 
reports  the  results  of  testing  this  compiler  using  the  Ada  Compiler 
Validation  Capability  (ACVC).  An  Ada  compiler  must  be  Implemented 
according  to  the  Ada  Standard,  and  any  implementation-dependent  features 
must  conform  to  the  requirements  of  the  Ada  Standard.  The  Ada  Standard 
must  be  Implemented  in  its  entirety,  and  nothing  can  be  implemented  that  is 
not  in  the  Standard 


Even  though  all  validated  Ada  compilers  conform  to  the  Ada  Standard,  it 
must  be  understood  that  some  differences  do  exist  between  implementations. 
The  Ada  Standard  permits  some  implementation  dependencies~for  example,  the 
maximum  length  of  identifiers  or  the  maximum  values  of  integer  types. 
Other  differences  between  compilers  result  from  the  characteristics  of 
particular  operating  systems,  hardware,  or  implementation  strategies.  All 
the  dependencies  observed  during  the  process  of  testing  this  compiler  are 
given  in  this  report . 


The  Information  in  this  report  is  derived  from  the  test  results  produced 
during  validation  testing.  The  validation  process  includes  submitting  a 
suite  of  standardized  tests,  the  ACVC,  as  inputs  to  am  Ada  compiler  and 
evaluating  the  results. *>^^e  purpose  of  validating  is  to  ensure  conformity 
of  the  compiler  to  the  Ada^tandard  by  testing  that  the  compiler  properly 
implements  legal  language\  constructs  and  that  it  identifies  and  rejects 
illegal  language  constructs.  The  testing  also  identifies  behavior  that  is 
implementation  dependent  but(  permitted  by  the  Ada  Standard.  Six  classes  of 
tests  are  used.  These  test^  are  designed  to  perform  checks  at  compile 
time,  at  link  time,  and  during  execution. 
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1.1  PURPOSE  OF  THIS  VALIDATION  SUMMARY  REPORT 

This  VSR  documents  the  results  of  the  validation  testing  performed  on  an 
Ada  compiler.  Testing  was  carried  out  for  the  following  purposes: 

.  To  attempt  to  identify  any  language  constructs  supported  by  the 
compiler  that  do  not  conform  to  the  Ada  Standard 

.  To  attempt  to  identify  any  language  constructs  not  supported  by 
the  compiler  but  required  by  the  Ada  St^mdard 

.  To  determine  that  the  lmplementatlon-dei>endent  behavior  is  allowed 
by  the  Ada  Standard 


Testing  of  this  compiler  was  conducted  by  SofTech,  Inc.  under  the 
direction  of  the  AVF  according  to  procedures  established  by  the  Ada  Joint 
Program  Office  and  administered  by  the  Ada  Validation  Organization  (AVO). 
On>site  testing  was  completed  15  June  1988  at  San  Jose  CA. 


1.2  USE  OF  THIS  VALIDATION  SUMMARY  REPORT 

Consistent  with  the  national  laws  of  the  originating  country,  the  AVO  may 
make  full  and  free  public  disclosure  of  this  report.  In  the  United  States, 
this  is  provided  in  accordance  with  the  "Freedom  of  Information  Act"  (5 
U.S.C.  #552).  The  results  of  this  validation  apply  only  to  the  computers, 
operating  systems,  and  compiler  versions  identified  in  this  report. 

The  organizations  represented  on  the  signature  page  of  this  report  do  not 
represent  or  warrant  that  all  statements  set  forth  in  this  report  are 
accurate  and  complete,  or  that  the  subject  compiler  has  no  nonconformities 
to  the  Ada  Standard  other  than  those  presented.  Copies  of  this  report  are 
available  to  the  public  from: 

Ada  Information  Clearinghouse 
Ada  Joint  Program  Office 
OUSDRE 

The  Pentagon,  Rm  3D- 139  (Fern  Street) 

Washington  DC  20301-3081 


or  from: 


Ada  Validation  Facility 
ASD/SCEL 

Wright -Patterson  AFB  OH  45U33-6503 
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Questions  regarding  this  report  or  the  validation  test  results  should  be 
directed  to  the  AVF  listed  above  or  to: 

Ada  Validation  Organization 
Institute  for  Defense  Analyses 
1801  North  Beauregard  Street 
Alexandria  VA  22311 


1.3  REFERENCES 


1 .  Reference  Manual  for  the  Ada  Programming  Language, 
ANSI/MIL-STD-1815A,  February  1983  and  ISO  8652-1987. 

2.  Ada  Compiler  Validation  Procedures  and  Guidelines .  Ada  Joint 
Program  Office,  1  January  1987. 

3.  Ada  Compiler  Validation  Capability  Implementers *  Guide ,  SofTech, 
Inc.,  December  1986. 

4.  Ada  Compiler  Validation  Capability  User's  Guide ,  December  1986. 


1.4  DEFINITION  OF  TERMS 


ACVC  The  Ada  Compiler  Validation  Capability.  The  set  of  Ada 

programs  that  teats  the  conformity  of  an  Ada  compiler  to  the 
Ada  programming  language. 

Ada  An  Ada  Commentary  contains  all  information  relevant  to  the 

Commentary  point  addressed  by  a  comment  on  the  Ada  Standard.  These 

comments  are  given  a  unique  identification  number  having  the 
form  Al-ddddd. 


Ada  Standard  ANSI/MIL-STD-1815A,  February  1983  and  ISO  8652-1987. 

Applicant  The  agency  requesting  validation. 

AVF  The  Ada  Validation  Facility.  The  AVF  is  responsible  for 

conducting  compiler  validations  according  to  procedures 
contained  in  the  Ada  Compiler  Validation  Procedures  and 
Guidelines . 

AVO  The  Ada  Validation  Organization.  The  AVO  has  oversight 

authority  over  all  AVF  practices  for  the  purpose  of 
maintaining  a  uniform  process  for  validation  of  Ada 
compilers.  The  AVO  provides  administrative  and  technical 
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support  for  Ada  validations  to  ensure  consistent  practices . 

Coopiler  A  processor  for  the  Ada  language.  In  the  context  of  this 

report,  a  compiler  is  any  language  processor,  including 
cross-compilers,  translators,  and  Interpreters. 

Failed  test  An  AC7C  test  for  which  the  compiler  generates  a  result  that 
demonstrates  nonconformity  to  the  Ada  Standard. 

Host  The  computer  or  which  the  compiler  resides. 

Inapplicable  An  ACVC  teat  that  uses  features  of  the  language  that  a 

test  compiler  is  not  required  to  support  or  may  legitimately 

support  in  a  way  other  than  the  one  expected  by  the  test. 

Passed  test  An  ACVC  test  for  which  a  compiler  generates  the  expected 
result . 


Target 

Test 


The  computer  for  which  a  compiler  generates  code. 

A  program  that  checks  a  compiler's  conformity  regarding  a 
particular  feature  or  a  combination  of  features  to  the  Ada 
Standard.  In  the  context  of  this  report,  the  term  is  used  to 
designate  a  single  test,  which  may  comprise  one  or  more 
files . 


Withdrawn  An  ACVC  test  found  to  be  incorrect  and  not  used  to  check 

test  conformity  to  the  Ada  Standard.  A  test  may  be  incorrect 

because  it  has  an  invalid  test  objective,  fails  to  meet  its 
test  objective,  or  contains  illegal  or  erroneous  use  of  the 
language . 


1.5  ACVC  TEST  CLASSES 

Conformity  to  the  Ada  Standard  is  meaisured  using  the  ACVC.  The  ACVC 
contains  both  legal  and  illegal  Ada  programs  structured  into  six  test 
clMses;  A,  B,  C,  D,  E,  and  L.  The  first  letter  of  a  test  name  identifies 
the  class  to  which  it  belongs.  Class  A,  C,  D,  and  E  testa  are  executable, 
and  special  program  units  are  used  to  report  their  results  during 
execution.  Class  B  tests  are  expected  to  produce  compilation  errors. 
Class  L  teats  are  expected  to  produce  compilation  or  link  errors. 

Class  A  tests  check  that  legal  Ada  programs  can  be  successfully  compiled 
and  executed.  There  are  no  explicit  program  components  in  a  Class  A  test 
to  check  semantics.  For  example,  a  Class  A  test  checks  that  reserved  words 
of  another  language  (other  than  those  already  reserved  in  the  Ada  language) 
au?e  not  treated  as  reserved  words  by  an  Ada  compiler.  A  Class  A  test  is 
passed  if  no  errors  are  detected  at  compile  time  and  the  program  executes 
to  produce  a  PASSED  message. 
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Class  B  tests  check  that  a  compiler  detects  illegal  language  usage.  Class 
B  tests  are  not  executable.  Each  test  in  this  class  is  compiled  and  the 
resulting  compilation  listing  is  examined  to  verify  that  every  syntax  or 
semantic  error  in  the  test  is  detected.  A  Class  B  test  is  passed  if  every 
illegal  construct  that  it  contains  is  detected  by  the  compiler. 

Class  C  tests  check  that  legal  Ada  programs  can  be  correctly  compiled  and 
executed.  Each  Class  C  test  is  self>checking  and  produces  a  PASSED, 
FAILED,  or  NOT  APPLICABLE  message  indicating  the  result  when  it  is 
executed . 

Class  D  tests  check  the  compilation  and  execution  capacities  of  a  compiler. 
Since  there  are  no  capacity  requirements  placed  on  a  compiler  by  the  Ada 
Standard  for  some  parameters — for  example,  the  number  of  identifiers 
permitted  in  a  compilation  or  the  number  of  units  in  a  library — a  compiler 
may  refuse  to  compile  a  Class  D  test  and  still  be  a  conforming  compiler. 
Therefore,  if  a  Class  D  test  fails  to  compile  because  the  capacity  of  the 
compiler  is  exceeded,  the  test  is  classified  as  -inapplicable.  If  a  Class  D 
test  compiles  successfully,  it  is  self>checklng  and  produces  a  PASSED  or 
FAILED  message  during  execution. 

Each  Class  E  test  is  self-checking  and  produces  a  NOT  APPLICABLE,  PASSED, 
or  FAILED  message  when  it  is  compiled  and  executed.  However,  the  Ada 
Standard  permits  an  implementation  to  reject  programs  containing  some 
features  addressed  by  Class  E  tests  during  compilation.  Therefore,  a  Class 
E  test  is  passed  by  a  compiler  if  it  is  compiled  successfully  and  executes 
to  produce  a  PASSED  message,  or  if  it  is  rejected  by  the  compiler  for  am 
allowable  reason. 

Class  L  tests  check  that  incomplete  or  Illegal  Ada  programs  involving 
multiple ,  separately  compiled  units  are  detected  and  not  allowed  to 
execute.  Claiss  L  tests  are  compiled  separately  and  execution  is  attempted. 
A  Class  L  test  pamses  if  it  is  rejected  at  link  time — that  is,  an  attempt 
to  execute  the  main  program  must  generate  an  error  message  before  any 
declarations  in  the  main  program  or  any  units  referenced  by  the  main 
program  are  elaborated. 

Two  library  units,  the  package  REPORT  and  the  procedure  CHECK_FILE,  support 
the  self-checking  features  of  the  executable  tests.  The  package  REPORT 
provides  the  mechanism  by  which  executable  teats  report  PASSED,  FAILED,  or 
NOT  APPLICABLE  results.  It  also  provides  a  set  of  identity  functions  used 
to  defeat  some  compiler  optimizations  allowed  by  the  Ada  Standard  that 
would  circumvent  a  teat  objective.  The  procedure  CHECK__FILE  is  used  to 
check  the  contents  of  text  files  written  by  some  of  the  Class  C  tests  for 
chapter  14  of  the  Ada  Standard.  The  operation  of  RE.’ORT  and  CHECK_FILE  is 
checked  by  a  set  of  executable  tests.  These  tests  produce  messages  that 
are  examined  to  verify  that  the  units  are  operating  correctly.  If  these 
units  are  not  operating  correctly,  then  the  validation  is  not  attempted. 

The  text  of  the  tests  in  the  ACVC  follow  conventions  that  are  intended  to 
ensure  that  the  tests  are  reasonably  portable  without  modification.  For 
example,  the  tests  make  use  of  only  the  basic  set  of  55  characters,  contain 
lines  with  a  maximum  length  of  72  characters ,  use  small  numeric  values ,  and 
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place  features  that  may  not  be  supported  by  all  implementations  in  separate 
tests.  However,  some  tests  contain  values  that  require  the  test  to  be 
customized  according  to  implementation-specific  values — for  example,  an 
Illegal  file  name.  A  list  of  the  values  used  for  this  validation  is 
provided  in  Appendix  C. 

A  compiler  must  correctly  process  each  of  the  tests  in  the  suite  and 
demonstrate  conformity  to  the  Ada  Standard  by  either  meeting  the  pass 
criteria  given  for  the  test  or  by  showing  that  the  test  is  inapplicable  to 
the  implementation.  The  applicability  of  a  test  to  an  implementation  is 
considered  each  time  the  implementation  is  validated.  A  test  that  is 
inapplicable  for  one  validation  is  not  necessarily  Inapplicable  for  a 
subsequent  validation.  Any  test  that  was  determined  to  contain  an  illegal 
language  construct  or  an  erroneous  language  construct  is  withdrawn  from  the 
ACVC  and,  therefore,  is  not  used  in  testing  a  compiler.  The  tests 
withdrawn  at  the  time  of  this  validation  are  given  in  Appendix  D. 
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CONFIGURATION  INFORMATION 


2.1  CONFIGURATION  TESTED 

The  candidate  compilation  system  for  this  validation  was  tested  under  the 
following  configuration: 


Compiler;  Tolerant  Ada  Development  System,  Version  2.2 
ACVC  Version;  1.9 

Certificate  Number;  880613W1 .09091 

Host  Computer: 

Machine;  Tolerant  Eternity 

Operating  System;  TX 

Release  5.3*15 

Memory  Size;  12  MB 


Target  Computer: 

Machine : 

Operating  System; 
Memory  Size: 


Tolerant  Eternity 
TX 

Release  5.3.15 
12  MB 
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2.2  IMPLEMENTATION  CHARACTERISTICS 

One  of  the  purposes  of  validating  compilers  is  to  determine  the  behavior  of 
a  compiler  in  those  areas  of  the  Ada  Standard  that  permit  implementations 
to  differ.  Class  D  and  E  tests  specifically  check  for  such  implementation 
differences.  However,  tests  in  other  classes  also  characterize  an 
implementation.  The  tests  demonstrate  the  following  characteristics: 


.  Capacities. 

The  compiler  correctly  processes  tests  containing  loop  statements 
nested  to  65  levels,  block  statements  nested  to  65  levels,  and 
recursive  procedures  separately  compiled  as  subunits  nested  to  17 
levels.  It  correctly  processes  a  compilation  containing  723 
variables  in  the  same  declarative  part.  (See  tests  D55A03A. .H  (8 
tests),  D56001B,  D64005E..G  (3  tests),  and  D29002K.) 


.  Universal  integer  calculations. 

An  implementation  is  allowed  to  reject  universal  integer 
calculations  having  values  that  exceed  SYSTEM. MAX_INT.  This 
implementation  processes  64  bit  integer  calculations.  (See  tests 
D4A002A,  D4A002B,  D4A004A,  and  D4A004B.) 


.  Predefined  types. 

This  implementation  supports  the  additional  predefined  types 
SHORT  INTEGER,  SH0RT_FL0AT,and  TINY  INTEGER  in  the  package 
STANDARD.  (See  tests  B86001C  and  B8600Td.) 


.  Based  literals. 

An  implementation  is  allowed  to  reject  a  based  literal  with  a 
value  exceeding  SYSTEM.MAX_INT  during  compilation,  or  it  may  raise 
NUMERIC_ERROR  or  CONSTRAINT_ERROR  during  execution.  This 
implementation  raises  NDMERIC_ERROR  during  execution.  (See  test 
E24101A.) 


.  Expression  evaluation. 

Apparently  no  default  initialization  expressions  for  record 
components  are  evaluated  before  any  value  is  checked  to  belong  to 
a  component's  subtype.  (See  test  C32117A.) 

Assignments  for  subtypes  are  performed  with  the  same  precision  as 
the  base  type.  (See  test  C35712B. ) 
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This  implementation  uses  no  extra  bits  for  extra  precision.  This 
implementation  uses  all  extra  bits  for  extra  range.  (See  test 
C35903A.) 

Sometimes  NUMERIC_ERROR  is  raised  when  an  integer  literal  operand 
in  a  comparison  or  membership  test  is  outside  the  range  of  the 
base  type.  (See  test  C45232A.) 

Sometimes  NUMERIC_ERROR  is  raised  when  a  literal  operand  in  a 
fixed-point  comparison  or  membership  test  is  outside  the  ramge  of 
the  base  type.  (See  test  C45252A.) 

Apparently  underflow  is  not  gradual.  (See  tests  C45524A. .2.) ) 


.  Rounding. 

The  method  used  for  rounding  to  integer  is  apparently  round  to 
even.  (See  tests  C46012A..Z.) 

The  method  used  for  rounding  to  longest  integer  is  apparently 
round  to  even.  (See  testa  C46012A..Z.) 

The  method  used  for  rounding  to  integer  in  static  universal  real 
expressions  is  apparently  round  to  even.  (See  test  C4A014A.) 


.  Array  types. 

An  implementation  is  allowed  to  raise  NUMERIC_ERROR  or 
CONSTRAINT  ERROR  for  an  array  having  a  'LENGTH  that  exceeds 
STANDARD. INTEGER 'LAST  and/or  SYSTEM .MAX_INT .  For  this 
implementation : 

Declaration  of  an  array  type  or  subtype  declaration  with  more  than 
SYSTEM. MAX  INT  components  raises  no  exception.  (See  test 
C36003A.)  “ 

NUMERIC_ERROR  is  raised  when  'LENGTH  is  applied  to  an  array  type 
with  INTEGER 'LAST  2  components.  (See  test  C  3  62  02 A.) 

NUMERIC_ERROR  is  raised  when  'LENGTH  is  applied  to  an  array  type 
with  SYSTEM.MAX__INT  +  2  components.  (See  test  C36202B.) 

A  packed  BOOLEAN  array  having  a  'LENGTH  exceeding  INTEGER 'LAST 
raises  NUMERIC  ERROR  when  the  array  type  is  declared.  (See  test 
C52103X.) 

A  packed  two-dimensional  BOOLEAN  au'ray  with  more  than  INTEGER 'LAST 
components  raises  NUMER1C_ERR0R  when  the  array  objects  are 
declared.  (See  test  C52104Y.) 
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A  null  array  with  one  dimension  of  length  greater  than 
INTEGER 'LAST  may  raise  NUMERIC_ERROR  or  C0NSTRA1NT_ERR0R  either 
when  declared  or  assigned.  Alternatively,  an  implementation  may 
accept  the  declaration.  However,  lengths  must  match  in  array 
slice  assignments.  This  implementation  raises  NUMERIC^ERROR  when 
the  array  type  is  declared.  (See  teat  E52103I.) 

In  usignlng  one-dlmenalonal  array  types,  the  expression  api>ears 
to  be  evaluated  in  its  entirety  before  CONSTRAINT__ERROR  is  raised 
when  checking  whether  the  expression's  subtype  is  compatible  with 
the  target's  subtype.  In  assigning  two-dimensional  array  types, 
the  expression  does  not  appear  to  be  evaluated  in  its  entirety 
before  CONSTRAINT_ERROR  is  raised  when  checking  whether  the 
expression's  subtype  is  compatible  with  the  target's  subtype. 
(See  test  C52013A.) 


.  Discriminated  types . 

During  compilation,  an  implementation  is  allowed  to  either  accept 
or  reject  an  incomplete  type  with  discriminants  that  is  used  in  an 
access  type  definition  with  a  compatible  discriminant  constraint. 
This  implementation  accepts  such  subtype  indications.  (See  test 
E38104A.) 

In  assigning  record  types  with  discriminemts,  the  expression 
appears  to  be  evaluated  in  its  entirety  before  CONSTRAINT__ERROR  is 
raised  when  cheeking  whether  the  expression's  subtype  is 
compatible  with  the  target's  subtype.  (See  test  C52013A.) 


.  Aggregates . 

In  the  evaluation  of  a  multi-dimensional  aggregate,  all  choices 
appear  to  be  evaluated  before  checking  against  the  index  type. 
(See  tests  C43207A  and  C43207B.) 

In  the  evaluation  of  an  aggregate  containing  subaggregates,  all 
choices  are  evaluated  before  being  checked  for  identical  bounds. 
(See  test  E43212B.) 

All  choices  are  evaluated  before  CONSTRAINT_ERROR  is  raised  if  a 
bound  in  a  nonnull  rwge  of  a  nonnull  aggregate  does  not  belong  to 
an  index  subtype.  (See  test  E43211B.) 


.  Representation  clauses . 

An  implementation  might  legitimately  place  restrictions  on 
representation  clauses  used  by  some  of  the  tests.  If  a 
representation  clause  is  used  by  a  test  in  a  way  that  violates  a 
restriction,  then  the  implementation  must  reject  it. 
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Enumeration  representation  clauses  containing  noncontiguous  values 
for  enumeration  types  other  than  character  and  boolean  types  are 
supported.  (See  tests  C35502I..J,  C3550ai..N,  and  A39005F.) 

Enumeration  representation  clauses  containing  noncontiguous  values 
for  character  types  are  supported.  (See  tests  C35507I..J, 
C35507M..N,  and  C55B16A.) 

Enumeration  representation  clauses  for  boolean  types  containing 
representational  values  other  than  (FALSE  =>  0,  TRUE  =>  1)  are 
supported.  (See  tests  C35508I..J  and  C35508M..N.) 

Length  clauses  with  SI2E  specifications  for  enumeration  types  are 
supported.  (See  test  A39005B. ) 

Length  clauses  with  STORAGE_SIZE  specifications  for  access  types 
are  supported.  (See  testa  A39005C  and  C87B62B.) 

Length  clauses  with  STORAGE_SIZE  specifications  for  task  types  are 
supported.  (See  tests  A39005D  and  C87B62D.) 

Length  clauses  with  SMALL  specifications  are  supported.  (See 
tests  A39005E  and  C87B62C.) 

Record  representation  clauses  are  supported  with  the  restriction 
that  a  component  clause  for  a  component  of  a  composite  type  may 
not  specify  a  smaller  size  than  would  otherwise  be  occupied  by  the 
ccmiponent.  (See  test  A39005G.) 

Length  clauses  with  SIZE  specifications  for  derived  integer  types 
are  supported.  (See  test  C87B62A.) 


Pragmas. 

The  pragma  INLINE  is  supported  for  procedures  amd  functions.  (See 
tests  LA3004A,  LA300UB,  EA3004C,  EA3004D,  CA3004E,  and  CA3004F.) 


Input/output . 

The  package  SEQUENTIAL^IO  can  be  instantiated  with  unconstrained 
array  types  and  record  types  with  discriminants  without  defaults. 
(See  tests  AE2101C,  EE2201D,  and  EE2201E.) 

The  package  DIRECT_I0  can  be  instantiated  with  unconstrained  array 
types  and  record  types  with  discriminants  without  defaults.  (See 
tests  AE2101H,  EE2401D,  and  EE2401G.) 

Modes  IN_FILE  and  OUT  FILE  are  supported  for  SEQUENTIAL_IO.  (See 
tests  CE2102D  and  CE2T02E.) 
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Modes  IN_FILE,  OUT  FILE,  and  INOUT_FILE  are  supported  for 
DIRECT_IO.  (See  tests  CE2102F,  CE2102I,  and  CE2102J.) 

RESET  and  DELETE  are  supported  for  SEQUENTIAL_IO  and  DIRECT  10. 
(See  tests  CE2102G  and  CE2102K.) 

Dynamic  creation  and  deletion  of  flies  are  supported  for 
SEQUEMTIAL_I0  and  DIRECT_I0.  (See  testa  CE2106A  and  CE2106B.) 

Overwriting  to  a  aeciuentlal  file  does  not  truncate  the  file.  (See 
teat  CE2208B.) 

An  existing  text  file  can  be  opened  In  0UT_FILE  mode,  can  be 
created  In  0UT_FILE  mode,  and  can  be  created  in  IN_FILE  mode. 
(See  test  EE3102C.) 

More  than  one  Internal  file  can  be  associated  with  each  external 
file  for  text  I/O  for  both  reading  and  writing.  (See  tests 
CE3111A. .E  (5  teats),  CE3114B,  and  CE3115A.) 

More  than  one  Internal  file  can  be  associated  with  each  external 
file  for  sequential  I/O  for  both  reading  and  writing.  (See  tests 
CE2107A..D  (4  tests),  CE2110B,  and  CE2111D.) 

More  than  one  Internal  file  can  be  associated  with  each  external 
file  for  direct  I/O  for  both  reading  and  writing.  (See  tests 
CE2107F..I  (5  testa),  CE2110B,  and  CE2111H.) 

An  Internal  sequential  access  file  and  an  internal  direct  access 
file  can  be  associated  with  a  single  external  file  for  writing. 
(See  test  CE2107E.) 


An  external  file  associated  with  more  than  one  Internal  file  can 
be  deleted  for  SEQUENTIAL_I0,  DIRECT_I0,  and  TEXT_I0.  (See  test 
CE2110B.) 


Temporary  sequential  and  direct  files  are  given  names.  Temporary 
files  given  names  are  deleted  when  they  are  closed.  (See  tests 
CE2108A  and  CE2108C.) 


.  Generics . 

Generic  subprogram  declarations  and  bodies  can  be  compiled  In 

separate  compilations.  (See  tests  CA1012A  and  CA2009F.) 

Generic  package  declarations  and  bodies  can  be  compiled  In 

separate  compilations.  (See  tests  CA2009C,  BC320UC,  and  BC3205D.) 

Generic  unit  bodies  and  their  subunits  can  be  compiled  In  separate 
compilations.  (See  test  CA3011A.) 
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3.1  TEST  RESULTS 

Version  1.9  of  the  ACVC  comprises  3122  tests.  When  this  compiler  was 
tested,  27  tests  had  been  withdrawn  because  of  test  errors.  The  AVF 
determined  that  226  tests  were  inapplicable  to  this  implementation.  All 
inapplicable  tests  were  processed  during  validation  testing  except  for  201 
executable  tests  that  use  floating-point  precision  exceeding  that  supported 
by  the  implementation  .  Modifications  to  the  code,  processing,  or  grading 
for  25  teats  were  required  to  successfully  demonstrate  the  test  objective. 
(See  section  3.6.) 

The  AVF  concludes  that  the  testing  results  demonstrate  acceptable 
conformity  to  the  Ada  Standard. 


3.2  SUMMARY  OF  TEST  RESULTS  BY  CLASS 


RESULT 

A 

B 

TEST 

C 

CLASS 

P 

E 

L 

TOTAL 

Passed 

109 

a> 

ST 

\  o 

1630 

17 

18 

U6 

2869 

Inapplicable 

1 

2 

223 

0 

0 

0 

226 

Withdrawn 

3 

2 

21 

0 

1 

0 

27 

TOTAL 

113 

1053 

St 

CD 

17 

19 

46 

3122 
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3.3  SUMMARY  OF  TEST  RESULTS  BY  CHAPTER 


RESULT 

2 

4 

5 

6 

CHAPTER 

7  8  9 

10 

11 

12 

13 

14 

TOTAL 

Passed 

190 

499 

540 

245 

166 

98 

142 

326 

137 

36 

234 

3 

253 

2869 

Ituipplicable 

14 

73 

134 

3 

0 

0 

1 

1 

0 

0 

0 

0 

0 

226 

Withdrawn 

2 

14 

3 

0 

0 

1 

2 

0 

0 

0 

2 

1 

2 

27 

TOTAL 

206 

586 

677 

248 

166 

99 

145 

327 

137 

36  236 

4 

255 

3122 

3.4  WITHDRAWN  TESTS 

The  following  27  teats  were  withdrawn  from  ACVC  Version  1.9  at  the  time  of 
this  validation: 


B28003A 

E28005C 

C34004A 

C35502P 

A35902C 

C35904A 

C35904B 

C35A03E 

C35A03R 

C37213H 

C37213J 

C37215C 

C37215E 

C37215G 

C37215H 

C38102C 

C41402A 

C45332A 

C45614C 

A74106C 

C85018B 

CE2401H 

C87B04B 

CE3208A 

CC1311B 

BC3105A 

■  AD1A01A 

See  Appendix  D  for  the  reason  that  each  of  these  tests  wais  withdrawn. 


3.5  INAPPLICABLE  TESTS 

Some  tests  do  not  apply  to  all  compilers  because  they  make  use  of  features 
that  a  compiler  is  not  required  by  the  Ada  Standard  to  support.  Others  may 
depend  on  the  result  of  another  test  that  is  either  inapplicable  or 
withdrawn.  The  applicability  of  a  test  to  an  implementation  is  considered 
each  time  a  validation  is  attempted.  A  test  that  is  Inapplicable  for  one 
validation  attempt  is  not  necessarily  inapplicable  for  a  subsequent 
attempt.  For  this  validation  attempt,  226  tests  were  inapplicable  for  the 
reasons  indicated: 


.  C35702B  uses  L0NG_FL0AT  which  is  not  supported  by  this 

implementation . 

.  A39005G  uses  a  record  representation  clause  which  specifies  a 
smaller  size  for  a  component  that  would  otherwise  be  occupied  by 
the  component.  This  implementation  requires  a  pragma  pack  to 
allow  this,  but  the  test  does  not  use  one. 
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.  The  following  tests  use  LONG_INTEGER,  which  is  not  supported  by 
this  compiler: 

CU5231C  C45304C  C45502C  C45503C  C45504C 

C45504F  C45611C  C45613C  C45631C  C45632C 

B52004D  C55B07A  B55B09C 

.  C45531M,  C45531N,  C4553a<,  and  C45532N  use  fine  48-bit  fixed-point 

base  types  which  are  not  supported  by  this  compiler. 

.  C455310,  C45531P|  C455320,  and  C45532P  use  coarse  48-bit 

fixed-point  base  types  which  are  not  supported  by  this  compiler. 

.  C86001F  redefines  package  SYSTEM,  but  TEXT_IO  is  made  obsolete  by 

this  new  definition  in  this  implementation  smd  the  test  cannot  be 
executed  since  the  package  REPORT  is  dependent  on  the  package 
TEXT_IO. 

.  C96005B  requires  the  range  of  type  DURATION  to  be  different  from 

those  of  its  base  type;  in  this  implementation  they  are  the  same. 

.  The  following  201  tests  require  a  floating-point  accuracy  that 
exceeds  the  maximum  of  15  digits  supported  by  this  implementation: 

C24113L..Y  (14  teats)  C35705L. .Y  (14  tests) 

C35706L..Y  (14  teats)  C35707L. .Y  (14  tests) 

C35708L..Y  (14  testa)  C35802L..Z  (15  teats) 

C45241L..Y  (14  teats)  C45321L..Y  (14  tests) 

C45421L..Y  (14  tests)  C45521L..Z  (15  tests) 

C45524L..Z  (15  tests)  C45621L..Z  (15  tests) 

C45641L..Y  (14  tests)  C46012L..Z  (15  tests) 


3.6  TEST,  PROCESSING,  AND  EVALUATION  MODIFICATIONS 

It  is  expected  that  some  testa  will  require  modifications  of  code, 
processing,  or  evaluation  in  order  to  compensate  for  legitimate 
implementation  behavior.  Modifications  are  made  by  the  AVF  in  cases  where 
legitimate  implementation  behavior  prevents  the  successful  completion  of  an 
(otherwise)  applicable  teat.  Examples  of  such  modifications  include; 
adding  a  length  clause  to  alter  the  default  size  of  a  collection;  splitting 
a  Class  B  test  into  subtests  so  that  all  errors  are  detected;  and 
confirming  that  messages  produced  by  an  executable  test  demonstrate 
conforming  behavior  that  wasn't  anticipated  by  the  test  (such  as  raising 
one  exception  Instead  of  another ) . 

Modifications  were  required  for  25  Class  B  tests. 
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The  following  Claes  B  tests  were  split  because  syntax  errors  at  one  point 
resulted  in  the  compiler  not  detecting  other  errors  in  the  test: 


B2U204A 

B24204B 

B24204C 

B2A003A 

B2A003B 

B2A003C 

B24009A 

B33301A 

B37201A 

B38003A 

B38003B 

B38009A 

B38009B 

B41202A 

B44001A 

B64001A 

B67001A 

B67001B 

B67001C 

B67001D 

B91003B 

B95001A 

B97102A 

BC1303F 

BC3005B 

3.7  ADDITIONAL  TESTING  INFORMATION 
3.7.1  Prevalidation 

Prior  to  validation,  a  set  of  test  results  for  ACVC  Version  1.9  produced  by 
the  Tolerant  Ada  Development  Systen,  Version  2.2,  was  submitted  to  the  AVF 
by  the  applicant  for  review.  Analysis  of  these  results  demonstrated  that 
the  compiler  successfully  passed  all  applicable  tests,  and  the  compiler 
exhibited  the  expected  behavior  on  all  Inapplicable  tests. 


3.7.2  Test  Method 

Testing  of  the  Tolerant  Ada  Development  System,  Version  2.2,  using  ACVC 
Version  1.9  was  conducted  on-site  by  a  validation  team  from  the  AVF.  The 
configuration  consisted  of  a  Tolerant  Eternity  operating  under  TX,  Release 
5.3.15,  serving  as  both  host  and  target. 

A  magnetic  tape  containing  all  tests  except  for  withdrawn  tests  and  tests 
requiring  unsupported  floating-point  precisions  wm  taken  on-site  by  the 
validation  team  for  processing.  Tests  that  make  use  of 
implementation-specific  values  were  customized  before  being  written  to  the 
magnetic  tape.  Tests  requiring  modifications  during  the  prevalidation 
testing  were  included  in  their  modified  form  on  the  magnetic  tape. 

The  contents  of  the  magnetic  tape  were  loaded  directly  onto  the  host 
computer.  After  the  teat  files  were  loaded  to  disk,  the  full  set  of  tests 
was  compiled  and  linked  on  the  Tolerant  Eternity,  and  all  executable  tests 
were  run  on  the  Tolerant  Eternity.  Results  were  printed  from  the  tau-get 
computer. 

The  compiler  was  tested  using  command  scripts  provided  by  Tolerant  Systems 
and  reviewed  by  the  validation  team.  The  compiler  was  tested  using  all 
default  switch  settings  except  for  the  following: 
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Switch 


Effect 


-M  <unitjtiaBie> 
-0  <a.out> 


Produce  an  executable  unit  using  <unit_name>  as  the 
main  program. 

Output^filename  is  <a.out>. 


Tests  were  compiled,  linked,  and  executed  (as  appropriate)  using  a  single 
host-target  computer.  Test  output,  compilation  listings,  and  Job  logs  were 
captured  on  magnetic  tape  and  archived  at  the  AVF.  The  listings  examined 
on-site  by  the  validation  team  were  also  archived. 


3.7.3  Test  Site 

Testing  was  conducted  at  San  Jose  CA  and  was  completed  on  15  June  I988. 
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decuration  of  conformance 


Tolerant  Systems  has  submitted  the  following 
Declaration  of  Conformance  concerning  the  Tolerant  Ada 
Development  System. 
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DECLARATION  OF  Ct»iFORMANCE 


Compiler  Implementor:  Toleremt  Systems 

Ada  Validation  Facility:  ASD/SCEL,  Wri^t-Patterson  AFB  OH  45433-6503 
Ada  Compiler  Validation  Capability  (ACVC)  Version:  1.9 


Base  Configuration 


Base  Compiler  Name:  Tolerant  Ada 

Development  System 

Host  Architecture  ISA:  Tolerant  Eternity 
Target  Architecture  ISA:  Tolerant  Eternity 


Version:  Version  2.2 

0S4VER  #;  TX,  Release  5.3.15 
0S4VER  #:  TX,  Release  5-3  .15 


Implementor's  Declaration 

I,  the  undersigned,  representing  Tolerant  Systems,  have  implemented  no 
deliberate  extensions  to  the  Ada  Language  Standard  ANSI/MIL-STD-1815A  in 
the  compiler  listed  in  this  declaration.  I  declare  that  Toleramt  Systems 
is  the  owner  of  record  of  the  Ada  language  compiler  listed  above  and,  as 
such,  is  responsible  for  maintaining  said  compiler  in  conformance  to 
ANSI/MIL-STD-1815A.  All  certificates  and  registrations  for  the  Ada 
language  compiler  listed  in  this  declaration  shall  be  made  only  in  the 
owner's  corporate  name. 

^ Date : 

/  Tolerant  Systems  C/ 

Victor  Maxted,  Vice  President  of  Engineering 


Owner's  Declaration 


I,  the  undersigned,  representing  Tolerant  Systems,  take  full  responsibility 
for  implementation  ar  I  maintenance  of  the  Ada  compiler  listed  above ,  and 
agree  to  the  public  disclosure  of  the  final  Validation  Simamary  Report.  I 
further  agree  to  continue  to  comply  with  the  Ada  trademark  policy,  as 
defined  by  the  Ada  Joint  Program  Office.  I  declare  that  all  of  the  Ada 
language  compilers  listed,  and  their  host/target  performance,  are  in 
compliance  with  the  Ada  Langiuige  Standard  ANSI/MIL-5TD-1815A. 


Date: 


Victor  Maxted,  Vice  President  of  Engineering 


^ - - - 
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APPENDIX  F  OF  THE  Ada  STANDARD 


The  only  allowed  implementation  dependencies  correspond  to  Implementation- 
dependent  pragmas,  to  certain  machine-dependent  conventions  as  mentioned  In 
chapter  13  of  the  Ada  Standard,  and  to  certain  allowed  restrictions  on 
representation  clauses.  The  Implementation-dependent  characteristics  of 
the  Tolerant  Ada  Development  System,  Version  2.2,  are  described  In  the 
following  sections,  which  discuss  topics  In  Appendix  F  of  the  Ada  Standard. 
Implementation-specific  portions  of  the  package  STANDARD  are  also  Included 
In  this  appendix. 


package  STANDARD  Is 


type  INTEGER  Is  range  -2JM7  483  648  ..  2  14?  483  647; 
type  SHORT  INTEGER  is  range  ^327^8  ..  32767; 
type  TINY_INTEGER  is  range  -128  ..  127; 

type  FLOAT  Is  digits  15  range 

-2#1 . 1 1 1 1 1 1 1 1 1 1_1 1 1 1 1 1 1 1 1 1  1 1 1 1 1 1 1 1 1 1_1 1 1 1 1 1 1 1 1 1_1 1 1 1 1 1 1 1 1 1_1 1  #E1 023  . . 
2#1 . 1 1 1 1 1 1 1 1 1 1_1 1 1 1 1 1 1 1 1 l”l 1 1 1 1 1 1 1 1 1_1 1 1 1 1 1 1 1 1 1_1 1 1 1 1 1 1 1 1 1_1 1#E1 023; 

type  SHORT  FLOAT  Is  digits  6  range 
-2#1.11iTi_11111_11111_11111  111#E127  .. 

2#1 . 1 1 1 1 1_1 1 1 1 1_1 1 1 1 1J  1 1 1 1~1 1 1#E1 27 ; 

type  DURATION  is  delta  2#1.0#E-14  range 
-2#1 00000000000000000.0#  .. 

2*11111111111111111. 1111  111  111  1111#; 


end  STANDARD; 


B-1 


ArTACHMENT 


Appendix  r  Criteria 


1.  Implementation-Dependent  Pragmas 


1.1  1NI.INE_0NLY  Pragma 

The  INI,IKE_OKLT  pragma,  when  used  in  the  same  way  as  progma  INLINE, 
indicates  to  the  compiler  that  the  subprogram  must-  always  be  inlined. 
This  pragma  also  suppresses  the  generation  o£  a  callable  version  of 
the  routine  which  save  code  space . 


1.2  BU1LT_IN  Pragma 

The  BUILT_IN  pragma  is  used  in  the  implementation  of  some  predefined 
Ada  packages,  but  provides  no  user  access.  It  is  used  only  to  inclement 
code  bodies  for  which  no  actual  Ada  body  can  be  provided,  for  example 
the  MACHINE_CODE  pachage. 


1.3  SHARE_CODE  Pragma 

The  SHAR£_COOE  pragma  tabes  the  name  of  a  generic  instantiation  or 
a  generic  unit  as  the  first  argument  and  one  of  the  identifiers  TRUE  or 
FALSE  as  the  second  argument.  This  pragma  is  only  allowed  imnediately 
at  the  place  of  a  declarative  item  in  a  declarative  part  or  pacbage 
specification,  or  after  a  library  unit  in  a  compilation,  but  before 
any  subsequent  compilation  unit. 

When  the  first  argument  is  a  generic  unit  the  pragma  applies  to  all 
instantiations  of  that  generic.  When  the  first  argument  is  the  name 
of  a  generic  instantiation  the  pragma  applies  only  to  the  specified 
instantiation,  or  overloaded  instantiations. 

tf  the  second  argument  is  TRUE  the  compiler  will  try  to  share  code 
generated  for  a  generic  instantiation  with  code  generated  for  other 
instantiations  of  the  saaie  generic.  When  the  second  argument  is  FALSE 
each  instantiation  will  get  a  unique  copy  of  the  generated  code.  The 
extent  to  which  code  is  shared  between  instantiations  depends  on  this 
pragma  and  the  bind  of  generic  formal  parameters  declared  for  the 
generic  unit. 

The  name  pragma  SHARE_BODT  is  also  recognized  by  the  implementation  and 
has  the  same  effect  as  SKARE_CODE.  It  is  included  for  compatability  with 
earlier  versions  of  TAOS. 


1.4  NO_IMAS£  Pragma 

The  pragma  suppresses  the  generation  of  the  image  array  used  for  the 
IMAGE  attribute  of  enumeration  types.  This  eliminates  the  overhead 
required  to  store  the  array  in  the  executable  image. 


1.5  EXT£RNAL_NAME  Pragma 

The  EXTSRNAL_NAME  pragma  tabes  the  name  of  a  subprogram  or  variable 
defined  in  Ada  and  allows  the  user  to  specify  a  different  external  name 
that  may  be  used  to  reference  the  entity  from  other  languages. 

The  pragma  is  allowed  at  the  place  of  a  declarative  item  in  a  package 
specification  and  must  apply  to  an  object  declared  earlier  in  the  same 
pacbage  specification. 
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1 . 6  INTESi‘AC!;_OBJECT  Pragma 

The  INTERFACE_OBJECT  pragma  takes  the  name  of  a  a  variable  defined  in 
another  language  and  allows  it  to  be  referenced  directly  in  Ada.  The 
pragma  will  replace  all  occurrences  of  the  variable  name  with  an  external 
reference  to  the  second,  link_argument .  The  pragma  is  allowed  at  the 
place  of  a  declarative  item  in  a  package  specification  and  must  apply 
to  an  object  declared  earlier  iu  the  same  package  specification.  The 
object  must  be  declared  as  a  scalar  or  an. access  type.  The  object  cannot 
be  any  of  the  following: 

a  loop  variable, 
a  constant, 

an  initialized  variable, 
an  array,  or 
a  record. 


I 

1.7  IMPLICIT_CODE  Pragma 

Takes  one  of  the  identifiers  OH  or  OFF  as  the  single  argument . 
This  pragma  is  only  allowed  within  a  machine  code  procedure. 

It  specifies  that  is^licit  code  generated  by  the  compiler  be 
allowed  or  disallowed. 

A  warning  is  issued  if  OFF  is  used  and  any  implicit  code  needs 
to  be  generated. 

The  default  is  ON. 


2.  Implementation  of  Predefined  Pragmas 


2.1  CONTROLLED 

This  pragma  is  recognized  by  the  implementation  but  has  no  effect. 


2.2  ELABORATE 

This  pragma  is  implemented  as  described  in  Appendix  B  of  the  Ada  RM. 


2  3  INLINE 

This  pragma  is  implemented  as  described  in  Appendix  B  of  the  Ada  RM. 


2.4  INTERFACE 

This  pragma  supports  calls  to  'C'  and  FORTRAN  functions.  The  Ada 
subprograms  can  be  either  functions  or  procedures.  The  types  of 
parameters  and  the  result  type  for  functions  must  be  scalar,  access 
or  the  predefined  type  ADDRESS  in  STSTEM. 

An  optional  third  argument  overrides  the  default  link  name. 

All  parameters  must  have  mode  IN.  Record  and  array  objects  can  be  passed 
by  reference  using  the  ADDRESS  attribute . 


2.5  LIST 

This  pragma  is  implemented  as  described  in  Appendix  B  of  the  Ada  RM. 


2.6  MEMORY  SIZE 


n_T 


This  praona  is  recognized  by  the  implementation.  The  implementation 
does  not  allow  SYSTEM' to  be  modified  by  means  of  pragmas/  the  SYSTEM 
package  must  be  recompiled. 


2.7  OPTIMIZE 

This  pragma  is  recognized  by  the  in^lementation  but  has  no  effect. 


2.8  PACK 

This  pragma  will  cause  the  congsiler  to  choose  a  non-aligned  representation 
for  composite  types.  It  will  not  causes  objects  to  be  packed  at  the  bit 
level . 


2.9  PAGE 

This  pragma  is  implemented  as  described  in  Appendix  B  of  the  Ada  EtM. 

2.10  PRIORITY 

This  pragma  is  inplemented  as  described  in  Appendix  B  of  the  Ada  RM. 

2.11  SHARED 

This  pragma  is  recognized  by  the  implementation  but  has  no  effect. 

2 . 12  ST0BAGE_0N1T 

This  pragma  is  recognized  by  the  implementation.  The  implementation 
does  not  allow  SYSTEM  to  be  modified  by  means  of  pragmas/  the  SYSTEM 
package  must  be  recompiled. 


2.13  SUPPRESS 

This  pragma  is  implemented  as  described,  except  that  RAMGE_CK£CK  and 
DIVISIOM_CHECK  cannot  be  supressed. 

2.14  SYSTEM_NAME 

This  pragma  is  recognized  by  the  implementation.  The  implementation 
does  not  allow  SYSTEM  to  be  modified  by  means  of  pragmas,  the  SYSTEM 
package  must  be  recompiled. 


3 .  Implementation-Dependent  Attributes 
3.1  P'REF 

for  a  prefix  that  denotes  an  object,  a  program  unit,  a  label, 
or  an  entry: 

This  attribute  denotes  the  effective  address  of  the  first  of  the 
storage  units  allocated  to  P. 

Tor  a  subprogram,  package,  task  unit,  or  label,  it  refers  to  the 
address  of  the  machine  code  associated  with  the  corresponding  body 
or  statement. 
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Foe  an  enrry  for  which  an  address  «lause  has  been  given, 
it  refers  to  the  corresponding  hardware  interrupt. 

The  attribute  is  of  the  type  OPERAND  defined  in  the  package  MACHXNE^CODE . 
The  attribute  is  only  allowed  within  a  machine  code  procedure. 

(For  a  package,  task  unit,  or  entry,  the  'REF  attribute  is  not  supported.) 

4 .  Restrictions  On  Representation  Clauses 

4 . 1  Pragma  PACK 

Bit  packing  is  not  supported. 

Objects  and  larger  coo^onents  are  packed  to  the  nearest  whole  STORAGE_UMIT . 

4.2  Size  Specification 

The  size  specification  T'  SMALL  is  not  supported  except  when  the 
representation  specification  is  the  same  as  the  value  'SMALL  for  the 
base  type. 

4.3  Record  Representation  Clauses 

Components  clauses  must  be  aligned  on  STORAGE_UMXT  boundaries. 

4.4  Address  Clauses 

Address  clauses  are  supported  for  variables  and  constants. 

4.5  Interrupts 

Interupt  entries  are  supported  for  UNIX  signals.  The  Ada  for  clause 
gives  the  UNIX  signal  number. 

4.6  Representation  Attributes 

The  ADDRESS  attribute  is  not  supported  for  the  following  entities: 

Packages 

Tasks 

Labels 

Entries 

4.7  Machine  Code  Insertions 

Machine  code  insertions  are  supported. 

5 .  Conventions  for  Implementation-generated  Naa«s 
There  are  no  implementation-generated  names: 

6.  Interpretation  of  Expressions  in  Address  Clauses 

Address  clauses  are  supported  for  constants  and  variables . 

Interupt  entries  are  specified  with  the  number  of  the  UNIX  signal. 

7.  Restrictions  on  Unchecked  Conversions 


None . 


8.  Restrictions  on  Unchecked  Deallocations 
None. 


9.  Is^lementation  Characteristics  of  I/O  Packages 

Instantiations  of  DIR£CT_IO  use  the  value  MAX_REC_SIZ£  as  the  record 
size  (expressed  in  STORAGE_UNITS)  when  the  size  of  ELCM£NT_nPE 
exceeds  that  value.  For  example  for  unconstrained  arrays  such  as  string 
where  EI.EMENT_TYPE' SIZE  is  very  large,  MAX_REC_SIZE  is  used  instead. 
MAX_RECORD_SIZE  is  defined  in  SYSTEM  and  can  be  changed  by  a  program 
before  instantiating  DIRECT_IO  to  provide  an  upper  limit  on  the  record 
size.  In  any  case  the  maximum  size  supported  is  1024  x  1024  x  STORAGE_UKiT 
bits.  OIR£CT_IO  will  raise  USE_ERROR  if  MAX_R£C_SIZE  exceeds  this  absolute 
limit . 

Instantiations  of  SEQUEMTIAL_IO  use  the  value  MRX_R£C_SIZE  as  the  record 
size  (expressed  in  STORAGE_DNITS)  when  the  size  of  CLEMEMT_TYPE 
exceeds  that  value.  For  example  for  unconstrained  arrays  such  as  string 
where  ELEMENT_TYPE' SIZE  is  very  large,  MRX_REC^SIZE  is  used  instead. 
MAX_RECORD_SIZE  is  defined  in  SYSTEM  and  can  be  changed  by  a  program 
before  instantiating  INTSGER_IO  to  provide  an  upper  limit  on  the  record 
size.  SEQUENTIAL_IO  imposes  no  limit  on  MAX_REC_SIZE. 

The  FORM  parameter  to  TEXT_IO  CREATE  and  OPEN  has  been  implemented  to 
provide  access  to  additional  file  characteristics  supported  by  the  TX 
operating  system. 


10.  Implementation  limits 

The  following  limits  are  actually  enforced  by  the  implementation.  It  is 
not  intended  to  imply  that  resources  up  to  or  even  near  these  limits  are 
available  to  every  program. 


10.1  Line  Length 

The  implementation  supports  a  max-imxiiii  line  length  of  500  characters  including 
the  end  of  line  character. 


10.2  Record  and  Array  Sizes 

The  maximum  size  of  a  statically  sized  array  type  is  4,000,000  x  STORAGE_UNITS . 
T.he  maximum  size  of  a  statically  sized  record  type  is  4,000,000  x  STORAGE_UNZTS . 
A  record  type  or  array  type  declaration  that  exceeds  these  limits  will 
generate  a  warning  message. 


10.3  Default  Stack  Size  for  Tasks 

In  the  absence  of  an  explicit  STORAGE_SZZE  length  specification  every 
task  except  the  main  program  is  allocated  a -fixed  size  stack  of  10,240 
ST0RAGE__0NITS .  This  is  the  value  returned  by  T' STORAGE  SIZE  for  a  task 
type  T. 


10.4  Default  Collection  Size 

In  the  absence  of  an  -xplicit  STORAGE_S12E  length  attribute  the  default 
collection  size  for  an  access  type  is  100,000  STORAGE  UNITS.  This  is  t.he. 
value  returned  by  T' STORAGE_SI2E  for  an  access  type  t7 


10.5  Limic.  on  Declared  Objects 

There  is  *n  absolute  limit  of  6,000*000  x  STORAGE_ONITS  for  objects 
declared  statically  within  a  compilation  unit.  If  this  value  is  exceeded 
the  compiler  will  terminate  the  compilation  of  the  unit  with  a  FATAL  error 
message. 
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Attachment  IV:  Package  System 


package  SYSTEM 
is 

type  NAME  is  {  eternity_tx  ) ; 

SYSTEM_NAME  :  constant  NAME  eternity_tx; 

STORAGE_UNIT  :  constant  8;  - 

MEM0RY_SI2E  :  constant  16_777_216; 

—  System-Dependent  Named  Nxxnbers 

MIN_1NT  ;  constant  -2_147_483_647  -  1; 

MAX_INT  :  constant  :■  2_147_483__647; 

MAX_DIG1TS  ;  constant  15; 

MAX_MANTZSSA  :  constant  31; 

riNE_DELTA  :  constant  2.0»*(-31); 

TICK  :  constant  0.01; 

—  Other  System-dependent  Declarations 

subtype  PRIORITY  is  INTEGER  range  0  . .  99; 

MAX_REC_SIZE  :  integer  64*1024; 

type  ADDRESS  is  private; 

NO_ADDR:  constant  ADDRESS; 

function  PHYSICA1_ADDRESS (I:  INTEGER)  return  ADDRESS; 

function  AOOR_GT(A^  B:  ADDRESS)  return  BOOLEAN; 

function  ADDR~LT(A,  B:  ADDRESS)  return  BOOLEAN; 

function  ADDR_GE(A,  B:  ADDRESS)  return  BOOLEAN; 

function  ADDR_LE(A,  B:  ADDRESS)  return  BOOLEAN; 

function  ADDR_DIFF (A,  B:  ADDRESS)  return  INTEGER; 

function  INCR_ADDR(A;  ADDRESS;  INCR;  INTEGER)  return  ADDRESS; 

function  DECR_ADDR(A:  ADDRESS;  DECR:  INTEGER)  return  ADDRESS; 

function  ">" (A,  B;  ADDRESS)  return  BOOLEAN  renames  ADDR_GT; 
function  ■<* (A,  B:  ADDRESS)  return  BOOLEAN  renames  ADDR^LT; 
function  ">"■ (A,  B:  ADDRESS)  rettirn  BOOLEAN  renames  ADDR_GE; 
function  ■<-■ (A,  B:  ADDRESS)  return  BOOLEAN  renames  ADDR~LE; 
function  ■-■ (A,  B:  ADDRESS)  return  INTEGER  renames  ADDR_DIFF; 
function  ■+■ (A;  ADDRESS;  INCR:  INTEGER)  return  ADDRESS  ~ 
renames  INCR_ADDR; 

function  ■-• (A;  ADDRESS;  DECR;  INTEGER)  return  ADDRESS 
renames  DECR_ADDR; 

pragma  inline (PKYSICAL_ADDRESS) ; 
pragma  inline (ADDR_GT) ; 
pragma  inline (ADDR_LT) ; 
pragma  inline (ADDR_GE) ; 
pragma  inline (ADDR~LE) ; 
pragma  inline  (ADDR__DIFF) ; 
pragma  inline (INCR_ADDR) ; 
pragma  inline (DECR_ADDR) ; 

private 

type  ADDRESS  is  new  INTEGER; 

no_addr:  constant  address  address  (0); 

e.nd  SYSTEM; 
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APPENDIX  C 


TEST  PARAMETERS 


Certain  tests  in  the  ACVC  make  use  of  implementation-dependent  values ,  such 
as  the  maximum  length  of  an  input  line  and  invalid  file  names.  A  test  that 
makes  use  of  such  values  is  identified  by  the  extension  .TST  in  its  file 
name.  Actual  values  to  be  substituted  are  represented  by  names  that  begin 
with  a  dollar  sign.  A  value  must  be  substituted  for  each  of  these  names 
before  the  test  is  run.  The  values  used  for  this  validation  are  given 
below. 


Name  and  Meaning _ 

$B1G_ID1 

Identifier  the  size  of  the 

maximum  input  line  length  with 

varying  last  character. 

$BIG_ID2 

Identifier  the  size  of  the 

maximum  input  line  length  with 

varying  last  character. 

$BIG_ID3 

Identifier  the  size  of  the 

maximum  input  line  length  with 

varying  middle  character. 

$B1G_ID4 

Identifier  the  size  of  the 

maximum  input  line  length  with 

varying  middle  character. 

$BIG_INT_LIT 

An  Integer  literal  of  value  298 
with  enough  leading  zeroes  so 
that  it  is  the  size  of  the 
maximum  line  length. 


Value _ 

(I..M98  =>  'A’,  499  =>  M') 


(I..499  s>  *A’,  499  s>  '2’) 


(1..249  I  251. .499  =>  ’A’,  250  =>  '3’) 


(1..249  I  251. .499  =>  ’A’,  250  =>  '4') 


(I..496  s>  ’O', -497. .499  =>  "298") 
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TEST  PARAMETERS 


Value 


$BIG_REAL_LIT  (1..493  =>  'O',  494.. 499  =>  ''69.OEI'') 

A  universal  real  literal  of 
value  690.0  with  enough  leading 
zeroes  to  be  the  size  of  the 
maximum  line  length. 


$BIG_STRING1  (I..I99  =>  'A') 

A  string  literal  which  when 
catenated  with  BIG_STRING2 
yields  the  image  of  BIG_ID1. 


$BIG_STRING2  (1..299  =>  'A',  300  =>  '!') 

A  string  literal  which  when 
catenated  to  the  end  of 
BIG_STRING1  yields  the  image  of 
BIG  ID1. 


$BLANKS  (1..479  =>  '  ' ) 

A  sequence  of  blanks  twenty 
characters  less  than  the  size 
of  the  maximum  line  length. 

$C0UNT_LAST  2J47_483_647 

A  universal  Integer 

literal  whose  value  is 
TEXT  10. COUNT 'LAST. 


*FIELD_LAST  2  J  47_4  83_64  7 

A  universal  integer 

literal  whose  value  is 
TEXT  10. FIELD 'LAST. 


$FILE_NAME_WITH_BAD_CHARS  "/illegal/f ile_name/2 { ] $S2 1 02C .DAT" 

An  external  file  name  that 
either  contains  invalid 

characters  or  is  too  long. 

$FILE_NAME_WITH_WILD_CARD_CHAR  "/illegal/file_name/CE21 02C».DAT" 

An  external  file  name  that 
either  contains  a  wild  card 
character  or  is  too  long. 


$GREATER_THAN_DDRATION  100_000.0 

A  universal  real  literal  that 
lies  between  DURATION 'BASE 'LAST 
and  DURATION 'LAST  or  any  value 
in  the  range  of  DURATION. 


TEST  PARAMETERS 


Name  and  Meaning 


Value 


$GREATER_THAN_DURATION_BASE_LAST 

A  universal  real  literal  that  Is 
greater  than  DURATION 'BASE 'LAST. 

$ILLEGAL_EXTERNAL_FILE_NAME1 

An  external  file  name  which 
contains  Invalid  characters. 

$ILLEGAL_EXTERNAL_FILE_NAME2 

An  external  file  name  which 
is  too  long. 

$INTEGER_FIRST 

A  universal  Integer  literal 
vrtiose  value  is  INTEGER 'FIRST. 

$INTEGER_LAST 

A  universal  Integer  literal 
whose  value  Is  INTEGER 'LAST. 

$INTEGER_LAST_PLDS_1 

A  universal  Integer  literal 
tdiose  value  Is  INTEGER 'LAST  1. 


10  000  000.0 


"no/such/dir ect  ory / ILLEG AL_EXTERNAL_FILE_NAME 1 " 


»no/sueh/directory/ILLEGAL_EXTERNAL_FILE_NAME2" 


-2  147  483  648 


2  147  483  647 


2  147  483  647  1 


$LESS_THAN_DURATION 

fT  universal  real  literal  that 
lies  between  DURATION 'BASE 'FIRST 
and  DURATION 'FIRST  or  any  value 
in  the  range  of  DURATION. 

$LESS_THAN_DURATION_BASE_FIRST 

A  universal  real  literal  that  Is 
less  than  DURATION 'BASE 'FIRST. 


-100  000.0 


-10  000  000.0 


$MAX_DIGITS 

Maximum  digits  supported  for 
floating-point  types . 

$MAX_IN_LEN 

Maximum  input  line  length 
permitted  by  the  implementation. 

$MAX_INT 

A  universal  integer  literal 
whose  value  is  SYSTIM.MAX  INT. 


2  147  483  647 


$MAX_INT_PLUS_1 

A  universal  integer  literal 
whose  value  is  SYSTEM.MAX  INT+1. 


2  147  483  647  +  1 
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TEST  PARAMETERS 


Name  emd  Meaning _  Value _ 

$MAX_LEN_INT_BASED_LITERAL  (1..2  =>  "2:",  3..U96  =>  ’O’,  497.. M99  =>  "11:") 

A  universal  Integer  based 
literal  whose  value  Is  2#11# 
with  enough  leading  zeroes  In 
the  mantissa  to  be  MAX_IN_LEN 
long. 


$MAX_LEN_REAL_BASED_L1TERAL  (1..3  =>  "16:",  4.. 495  =>  ’O’,  496.. 499  =>  "F.E:") 

A  universal  real  based  literal 
whose  value  Is  16:F.E:  with 
enough  leading  zeroes  in  the 
mantissa  to  be  MAX_IN_LEN  long. 

$MAX_STRING_LITERAL  (1  =>  2. .498  =>  ’A’,  499  =>  '"') 

A  string  literal  of  size 
MAX_IN__LEN,  Including  the  quote 
characters . 


$MIN_INT  -2_147_483_648 

A  universal  Integer  literal 
whose  value  la  SYSTEM. MIN  INT. 


$NAME  TINY^INTEGER 

A  name  of  a  predefined  numeric 
type  other  than  FLOAT,  INTEGER, 

SHORT  FLOAT,  SHORT  INTEGER, 

L0NG_FL0AT,  or  LONG"inTEGER . 

|NEG_BASED_INT  16#FPFFFFFD# 

A  based  Integer  literal  whose 
highest  order  nonzero  bit 
falls  In  the  sign  bit 
position  of  the  representation 
for  SYSTEM .MAX  INT. 
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APPENDIX  D 


WITHDRAWN  TESTS 


Some  tests  are  withdrawn  from  the  ACVC  because  they  do  not  conform  to  the 
Ada  Standard.  The  following  27  tests  had  been  withdrawn  at  the  time  of 
validation  testing  for  the  reasons  Indicated.  A  reference  of  the  form 
"Al-ddddd"  la  to  an  Ada  Commentary. 


.  B28003A:  A  basic  declaration  (line  36)  incorrectly  follows  a 

later  declaration. 

.  E28005C!  This  test  requires  that  "PRAGMA  LIST  (ON);"  not 

appear  in  a  listing  that  has  been  suspended  by  a  previous 
"PRAGMA  LIST  (OFF);";  the  Ada  Standard  is  not  clear  on  this 
point,  and  the  matter  will  be  reviewed  by  the  AJPO. 

.  C34004A:  The  expression  in  line  168  yields  a  value  outside 

the  range  of  the  target  type  T,  but  there  is  no  handler  for 
CONSTRAINT_ERROR. 

.  C35502P:  The  equality  operators  in  lines  62  and  69  should  be 

inequality  ope'ators. 

.  A35902C;  The  asjignment  in  line  17  of  the  nominal  upper 

bound  of  a  fixed-point  type  to  an  object  raises 
CONSTRAINT_ERROR,  for  that  value  lies  outside  of  the  actual 
range  of  the  type. 

.  C35904A:  The  elaboration  of  the  fixed-point  subtype  on  line 

28  wrongly  raises  CONSTRAINT_ERROR ,  because  its  upper  bound 
exceeds  that  of  the  type. 

.  C35904B:  The  subtype  declaration  that  is  expected  to  raise 

CONSTRAINT_ERROR  when  its  compatibility  is  checked  against 
that  of  various  types  passed  as  actual  generic  parameters, 
may,  in  fact,  raise  NDMERICJERROR  or  CONSTRAINT_ERROR  for 
reasons  not  anticipated  by  the  test.  ” 
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WITHDRAWN  TESTS 


.  C35A03E  and  C35A03R:  These  tests  assume  that  attribute 

’MANTISSA  returns  0  when  applied  to  a  fixed-point  type  with  a 
null  range ,  but  the  Ada  Standard  does  not  support  this 
assumption. 

.  C37213H:  The  subtype  declaration  of  SCONS  in  line  100  is 

incorrectly  expected  to  raise  an  exception  when  elaborated. 

.  C37213J!  The  aggregate  in  line  451  incorrectly  raises 

C0NSTRAINT_ERR0R. 

.  C37215C,  C37215E,  C37215G,  and  C37215H:  Various  discriminant 

constraints  are  incorrectly  expected  to  be  incompatible  with 
type  CONS. 

.  C38‘>02C:  The  fixed-point  conversion  on  line  23  wrongly 

raises  C0NSTRA1NT_ERR0R. 

.  C41402A:  The  attribute  *STORAGE_SIZE  is  incorrectly  applied 

to  an  object  of  an  access  type. 

•  C45332A:  The  test  expects  that  either  an  expression  in  line 

52  will  raise  an  exception  or  else  MACHINEjOVERFLOWS  is 
FALSE.  However,  an  implementation  may  evaluate  the 
expression  correctly  using  a  type  with  a  wider  range  than  the 
base  type  of  th?  operands,  and  MACHINE  OVERFLOWS  may  still  be 
TRUE. 

.  C45614C:  The  function  call  of  IDENT_INT  in  line  15  uses  an 

argument  of  the  wrong  type. 

.  A74106C,  C85018B,  C87B04B,  and  CC1311B:  A  bound  specified  in 

a  fixed-point  subtype  declaration  lies  outside  of  that 
calculated  for  the  base  type,  raising  C0NSTRAINT_ERR0R. 
Errors  of  this  sort  occur  at  lines  37  A  59,  142  A  143,  16  A 
48,  and  252  A  253  of  the  four  tests,  respectively. 

.  BC3105A;  Lines  159  throu^  168  expect  error  messages,  but 

these  lines  are  correct  Ada. 

.  AD1A01A:  The  declaration  of  subtype  SINT3  raises 

CONSTRAINT_ERROR  for  implementations  which  select  INT’SIZE  to 
be  16  or  greater. 

.  CE2401H;  The  record  aggre^tes  in  lines  105  and  117  contain 

the  wrong  values. 

.  CE3208A:  This  test  expects  that  an  attempt  to  open  the 

default  output  file  (after  it  was  closed)  with  mode  IN_FILE 
raises  NAME_ERR0R  or  0SE__ERR0Rj  by  Commentary  AI-00048, 
MODE  ERROR  should  be  raised. 
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